Joe Biden declared 46th President of the United States of America. Congratulations to Joe Biden and the first women Vice President of the United States, Kamala Harris.
Apart from the Battle of the Ballots going on, the war on the digital grounds during this election was no surprise. In all the series of events that happened, one caught the web developers' attention because it is about website hacking, and it's none other than Donald J Trump, former US president's campaign website www.donaldjtrump.com that got hacked. The hackers left the message that they have access to the compromising information about Donald Trump.
This is how Donald Trump's website page looked like post-hacking
Two CTA buttons/texts were shared on the screen with cryptocurrency IDs claiming that if one button received more money than the second account, then they will release the information about Donald Trump. The webmasters took care of it and restored the website in 30 minutes. But this was enough to start a debate. Some called it a cryptocurrency scam, while some pointed out the elephant in the room – the election scam.
The message also said that The Trump government was involved in originating the coronavirus, and the president is manipulating the 2020 elections.
Ironically, during the 2016 elections, Donald J Trump criticized Hilary Clinton when her emails were hacked and exposed.
In around October 2020, Donald Trump made a public statement 'Nobody gets hacked. To get hacked, you need somebody with 197 IQ, and he needs about 15% of your password'. The hackers took it as a challenge I guess and hacked his website.
If we leave all the election chaos aside and look at the technical aspect of the attack, it seems Donald Trump's campaign website is hosted on Expression Engine, claiming to be the best open source CMS out there. But, we all know that the best ones are the most vulnerable ones as well. After GoDaddy's 28000 Accounts Hacked and Twitter Blue Tick Accounts Hack, we all can just accept the fact that nothing is 100% secure. Joe Biden was one of the Twitter account hack victims as well. But such an attack happening during a critical time of elections is concerning. People start losing their trust in the process. And when the dust settles, we come to know that a basic loophole left unattended made everything vulnerable.
Trump's website uses Cloudflare as a CDN (Content Delivery Network), so this rules out that the attackers would have accessed the site using SSH or FTP except if they knew the IP of the hosting site's server.
You wouldn't believe it, but Donald J Trump's campaign website's login process didn't have the 2-factor authentication. Tech geeks believe that if that was in place, then this hack would have been prevented. It's an alarm bell for all of us to enable two-factor authentication to have an added layer of security to our websites or wherever we use the logins to request access.
Simply put – if the United States' President’s Official Campaign website is not secure, then what is on the digital grounds.